1. Field of the Invention
The invention relates generally to application processing systems with verified electronic or voice signatures, and locking of an application, for tamper protection, using internal and external checksums.
2. Description of the Related Art
When making transmission of information from one person to another, for example, email, it is useful to be able to confirm the identity of the sender. One way of performing this identification is using public key cryptography. Public key cryptography relies on public and private keys to sign a message. Each individual has both a private key and a public key, this correspondence between an individual and their keys is set up using the public key infrastructure (PKI) (e.g. a certificate authority). Messages are encoded with one key (e.g. the public key), and can only be decoded with the other key (e.g. the private key). In this way, the receiver of a message can confirm the identity of a sender, since only the corresponding key can decode the message. Algorithms that can be used to encode messages include the RSA algorithm.
One way of securing the integrity of transmissions is through the use of checksums. For example, when transmitting a binary message a parity bit can be used that represents whether the number of 1's in the message is even. If a 0 in the message is changed to a 1 during transmission, this can then be detected by a parity bit that is incorrect for the received message. Another example is a cyclical redundancy check (CRC). This is a code that can be appended to a message so that changes in the transmission can be detected. The CRC code is compared to the code generated for the received message. If the codes do not match, then the receiver knows that the received message is not that same as the transmitted message.
Another example of method for securing the integrity of a message is a hashing function. A hashing function computes a number (or other smaller message) for a longer message. Similar to a CRC code, if the receiver does not generate the same hash value for the received message, it can determine that the message has been altered. One group of hash functions are the SHA (Secure Hash Algorithm) hash functions. Another group of hash algorithms are the message digest algorithms (e.g. MD5).
Insurance applications can be applied for by many methods, including in person, through the mail, electronically over the Internet, or through the phone either using an agent or an interactive voice response system. Submitting applications electronically over the internet or through the phone has the benefit of being convenient for the applicant. Because the applicant is not able to physically sign the application, as they can in person or through the mail, these applications can be signed either electronically (e.g. the typing of a name or certain statement) or through the phone (e.g. stating “I agree”). The signature on an application serves to show the applicant's agreement to terms of the application. However, the signature does not solve the need to be able to confirm at a later date what the terms of the application were, and to ensure that the signed application has not been altered in any way.